Question No: 212 – (Topic 3)

Your company has a server named server1that runs Windows Server 2008 R2. Server1 has the DHCP Server server role installed.

You find that a desktop computer named Computer1 is unable to obtain an IP configuration from the DHCP server.

You install the Microsoft Network Monitor 3.0 application on Server1. You enable P-mode in the Network Monitor application configuration. You plan to capture only the DHCP server- related traffic between Server1 and Computer1.

The network interface configuration for the two computers is shown in the following table.

You need to build a filter in the Network Monitor application to capture the DHCP traffic between Server1 and Computer1.

Question No: 213 – (Topic 3)

You have a client computer named Computer1 that runs Windows 7. You need to ensure that, from

Computer1, you can enumerate all of the records in the fabrikam.com DNS zone. What should you modify?

the forwarders of Server1

the root hints of Server1

the security settings of the fabrikam.com DNS zone

the zone transfer settings of the fabrikam.com DNS zone

Answer: D

Question No: 214 – (Topic 3)

Your company has a domain controller named Server1 that runs Windows Server 2008 R2. Server1 has the DNS Server server role installed.

You need to configure the DNS server to resolve IP addresses to host names. Which record should you create?

Pointer (PTR)

Host Info (HINFO)

Service Location (SRV)

Canonical Name (CNAME)

Answer: A Explanation:

Pointer (PTR) resource records support the reverse lookup process, based on zones that are created and rooted in the in-addr.arpa domain. These records locate a computer by its IP address and resolve this information to the DNS domain name for that computer

Question No: 215 – (Topic 3)

Your company has deployed Network Access Protection (NAP) enforcement for VPNs. You need to ensure that the health of all clients can be monitored and reported.

What should you do?

Create a Group Policy object (GPO) that enables Security Center and link the policy to the domain.

Create a Group Policy object (GPO) that enables Security Center and link the policy to the Domain Controllers organizational unit (OU).

Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to Enabled. Link the policy to the domain.

Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to Enabled. Link the policy to the Domain Controllers organizational unit (OU).

Answer: A

Question No: 216 – (Topic 3)

Your company has five office buildings in the same city. Each building has its own IP subnet. There are shared printers in each building. Active Directory sites and Active Directory subnets exist for each office.

Each user has a laptop that runs Windows 7. The users frequently travel between the office buildings.

You plan to publish all of the shared printers in Active Directory and to specify the Location attribute of each shared printer.

You need to ensure that the users can browse for shared printers based on the location of the printer. The solution must ensure that when the users attempt to add printers by using the Add Printer wizard, the users#39; current location is used automatically.

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

From the properties of each subnet object, set a value for the Location attribute.

From a Group Policy object (GPO), enable the Allow pruning of published printers setting.

From the properties of each print server computer account, set a value for the Location attribute.

From the properties of each Windows 7 computer account, set a value for the Location attribute.

Answer: A,D

Question No: 217 – (Topic 3)

Your network contains a server named Server1 that runs Windows Server 2008 R2. The network for Server1 is configured as shown in the table.

You plan to deploy DirectAccess on Server1. You need to configure the network interfaces on Server1 to support DirectAccess. What should you do?

Add the IP address of 10.1.2.2 to LAN1.

Remove the IP address of 131.107.1.13 from Internet2, and then add the address to LAN1.

Remove the IP of address 131.107.1.13 from Internet2, and then add the address to Internet1.

Add the default gateway of 131.107.1.1 to Internet2.

Answer: C

Question No: 218 – (Topic 3)

Network Access Protection (NAP) is configured for the corporate network. Users connect to the corporate network by using portable computers. The company policy requires confidentiality of data when the data is in transit between the portable computers and the servers.

You need to ensure that users can access network resources only from computers that comply with the company policy.

Question No: 219 – (Topic 3)

Your company has a single domain named contoso.com. The contoso.com DNS zone is Active Directoryintegrated.

Your partner company has a single domain named partner.com. The partner.com DNS zone is Active Directory-integrated.

The IP addresses of the DNS servers in the partner domain will change. You need to ensure name resolution for users in contoso.com to resources in partner.com.

What should you do?

Create a stub zone for partner.com on each DNS server in contoso.com.

Configure the Zone Replication Scope for partner.com to replicate to all DNS servers in the forest.

Configure an application directory partition in the contoso.com forest. Enlist all DNS servers in the contoso.com forest in the partition.

Configure an application directory partition in the partner forest. Enlist all DNS servers in the partner forest in the partition.

Answer: A

Question No: 220 – (Topic 3)

You deploy Network Access Protection (NAP) on your network. An administrator configures a network policy as shown in the exhibit. (Click the Exhibit button.)

You discover that noncompliant client computers cannot access the remediation network. You need to configure the network policy to ensure that noncompliant client computers can access the remediation network.